<?php
 /**
 +------------------------------------------------------------------------------
 * FramkPHP 快速易用PHP框架
 +------------------------------------------------------------------------------
 * @package  Framk
 * @author   shawn fon <ucic5@163.com>
 +------------------------------------------------------------------------------
 */
 
class Filter{

	/**
	 * 预定义字符前添加反斜杠，防止SQL注入
	 * @param $value 需要过滤的值 
	 */
	public static function _addslashes($value) {
		if (get_magic_quotes_gpc()) return false; //如果已开启魔术变量
		$value = (array) $value;
		foreach ($value as $key => $val) {
			if (is_array($val)) {
				self::_addslashes($value[$key]);
			} else {
				$value[$key] = addslashes($val);
			}
		}
		return $value;
	}
	/**
	 * 自由替换过滤
	 */
	public function _strFilter($value) {
		$block = array("&", '"', "'", "<", ">", "%3C", "%3E");
		$replaceStr = array("&amp;", "&quot;", "&#039;", "&lt;", "&gt;", "&lt;", "&gt;");
		return str_replace($block, $replaceStr, $value);
	}	
	/**
	* 过滤HTML
	*/	
	public function _html($value) {

		if (function_exists('htmlspecialchars')) return htmlspecialchars($value);
		return str_replace(array("&", '"', "'", "<", ">"), array("&amp;", "&quot;", "&#039;", "&lt;", "&gt;"), $value);
	}

	/**
	* 防SQL注入
	*/	
	public function _sql($value) {
		$block = array('select', 'insert', 'update', 'delete', "\'", '\/\*','\.\.\/', '\.\/', 'union', 'into', 'load_file', 'outfile');
		return str_replace($block, '', $value);
	}
	/**
	* 过滤JS
	*/	
	public function _js($value) {

		$value = preg_replace("/(javascript:)?on(click|load|key|mouse|error|abort|move|unload|change|dblclick|move|reset|resize|submit)/i","&111n\\2",$value);
		$value = preg_replace("/<script(.*?)>(.*?)<\/script>/si","",$value);
		$value = preg_replace("/<iframe(.*?)>(.*?)<\/iframe>/si","",$value);
		$value = preg_replace ("/<object.+<\/object>/iesU", '', $value);
		return $value;
	}

	/**
	 * 过滤目录
	 */
	public function _path($path) {
		$path = str_replace(array("'",'#','=','`','$','%','&',';'), '', $path);
		return rtrim(preg_replace('/(\/){2,}|(\\\){1,}/', '/', $path), '/');
	}
	/**
	* 是否为正正数
	*/		
	public function isInt($value) {
	//if (preg_match("^[a-zA-Z0-9]{4,16}$", $str)) { 
		if(preg_match('/^[1-9]\d*$/', $value)){
		return $value;
		}else{
		return false;
		}
	}
	/**
	* 是否为中英数字
	*/		
	public function isStr($value) {

		if(preg_match('/^[a-zA-Z0-9-\x7f-\xff]+$/', $value)){
		return $value;
		}else{
		return false;
		}
	}


 /*  +------------------------------------------------------------------------------ */
}//
?>